[wp-trac] [WordPress Trac] #32411: Password Strengh giving "strong" for a bad password
WordPress Trac
noreply at wordpress.org
Fri May 15 12:49:38 UTC 2015
#32411: Password Strengh giving "strong" for a bad password
-------------------------+-----------------------------
Reporter: juliobox | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: trunk
Severity: normal | Keywords:
Focuses: |
-------------------------+-----------------------------
Hello folks,
I was testing some password patterns and i found one kind of password that
triggers the "strong" result, but, i think, not really being secure.
The password is :
{{{
b. .
}}}
(space space b dot space space dot). Yes, i'm weird testing this ;)
[[Image(https://dl.dropboxusercontent.com/u/45956904/ScreenShots/strong_password.gif)]]
"b" can't be "a" but can be "x", Some spaces can be "-" etc
Only 7 chars, only 4 differents, no caps, 2 times 2 same chars.
If i relay (a little) on http://howsecureismypassword.net this password
will be cracked by BF attacks in 0.05sec
Maybe the pasword strengh algorythm has to be checked?
Thanks you
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32411>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list